newsswipe2020.com Open in urlscan Pro
162.214.113.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.sharebutton.co/
Effective URL:
https://newsswipe2020.com/de/loewen1/?cep=Rp8YG6wB6nRZ5osGAgXuv2HRIswmrKqlcxAEwjY05MJ5Y9kvuHPVUg6nUF98X-MjYWHN0j5gNib85RSU...
Submission: On June 30 via manual (June 30th 2020, 9:50:01 am UTC) from US

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 53 HTTP transactions. The main IP is 162.214.113.72, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is newsswipe2020.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 2nd 2020. Valid for: 3 months.

This is the only time newsswipe2020.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	199.59.242.153 199.59.242.153	395082 (BODIS-NJ) (BODIS-NJ)
1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	198.54.112.216 198.54.112.216	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 1	18.195.195.71 18.195.195.71	16509 (AMAZON-02) (AMAZON-02)
38	162.214.113.72 162.214.113.72	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
53	8

6 199.59.242.153 (United States) 1 redirects

ASN395082 (BODIS-NJ, US)

www.sharebutton.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.54.112.216 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

7487.wcitianka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.195.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-195-71.eu-central-1.compute.amazonaws.com

implevel-walumes.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 162.214.113.72 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.newsswipe2020.com

newsswipe2020.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	newsswipe2020.com newsswipe2020.com	2 MB
6	sharebutton.co 1 redirects www.sharebutton.co	15 KB
2	wcitianka.com 1 redirects 7487.wcitianka.com	793 B
2	gstatic.com fonts.gstatic.com	18 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	implevel-walumes.icu 1 redirects implevel-walumes.icu	2 KB
1	googleapis.com fonts.googleapis.com	776 B
1	google.com www.google.com	59 KB
0	maildailyonline.com Failed maildailyonline.com Failed
53	9

	Domain	Requested by
38	newsswipe2020.com	7487.wcitianka.com newsswipe2020.com
6	www.sharebutton.co	1 redirects www.sharebutton.co
2	7487.wcitianka.com	1 redirects www.sharebutton.co
2	fonts.gstatic.com
2	www.google-analytics.com
1	implevel-walumes.icu	1 redirects
1	fonts.googleapis.com	www.sharebutton.co
1	www.google.com	www.sharebutton.co
0	maildailyonline.com Failed	newsswipe2020.com
53	9

This site contains links to these domains. Also see Links.

Domain
implevel-walumes.icu

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
newsswipe2020.com cPanel, Inc. Certification Authority	`2020-06-02` - `2020-08-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://newsswipe2020.com/de/loewen1/?cep=Rp8YG6wB6nRZ5osGAgXuv2HRIswmrKqlcxAEwjY05MJ5Y9kvuHPVUg6nUF98X-MjYWHN0j5gNib85RSUhBAHWfG67K9RRgHKoFelNRII3GiNta09RJT84Wc-TUI8ognxUsx6Xs5p01IuPT3Ea4R84LjzXuOxpN3xYrIuS7AnW3kX1zk5Qa00lhBYCSb6oieMG12uigV87qn_HRSOk_bCpRHqE1z5SgdDtdMblWyMPjym5MYbkjOn05Dw4eN7ih-pnq6SkuE2HVqI75OCEM-XFSCKjdRnxAd313AfW-xd2KF_LTF6x4R2txIoX1UyR2ELGsmuFVBvO89Hp1g1mdy0mIfxoKR8MnNm1hQ_nAUGzhrDln5aMsyNRYH_Ui-N8FQCtc0-OhkKoZM3IVlC0cJB6XJ5-2RJiGfppCKyINQJN9TVWZpv--CrpCveMI9OPa2zEQOVsZhM7tqkoE9Bi0HW-w&lptoken=152b934a5130231c85e0&hsclick=1593510585.17-148371777-51365&target=apix33-sharebutton.co&cost=0.005
Frame ID: 777169DEFBA32BDEF6CA4E2D1060D276
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.sharebutton.co/ Page URL
http://www.sharebutton.co/rz?u=http%3A%2F%2F7487.wcitianka.com%2Fmatch-7487%2F51365%2F148371777%2F1593... HTTP 302
http://7487.wcitianka.com/match-7487/51365/148371777/1593510583/mf_63405c81-af68-4278-8590-7b26a1d2bb8... Page URL
http://7487.wcitianka.com/match-7487/51365/148371777/1593510583/mf_63405c81-af68-4278-8590-7b26a1d2bb8... HTTP 302
https://implevel-walumes.icu/8b573ed5-68e0-45b6-bece-390b762a1482?hsclick=1593510585.17-148371777-51365&t... HTTP 302
https://newsswipe2020.com/de/loewen1/?cep=Rp8YG6wB6nRZ5osGAgXuv2HRIswmrKqlcxAEwjY05MJ5Y9kvuHPVUg6nUF98... Page URL